Views:
Cloud App Security supports using OAuth 2.0 to access Exchange Online with a service account (Authorized Account). With the OAuth 2.0 framework, Cloud App Security obtains an access token to get limited access on the Global Administrator's behalf to run advanced threat protection and data loss prevention scanning on email messages in protected mailboxes.
Cloud App Security supports two protection modes for Exchange Online. For details, see Protection modes for email services. Each mode requires separate access grant.
You can choose to have both or either of the protection types for your Exchange Online service based on your requirements.